Support cache-dependency-paths outside the current directory

[PeterJCLaw]

Description:

I'm building a composite Action which uses actions/setup-python internally. When specifying the requirements.txt from the action setting up Python fails, though I thiiink I'm passing the right values.

Here's what I've got:

    - name: Set up Python
      uses: actions/setup-python@v3
      with:
        python-version: '3.10'
        cache: pip
        cache-dependency-path: ${{ github.action_path }}/requirements.txt

Here's the error I get:

No file in /home/runner/work/sr2022-comp/sr2022-comp matched to [/home/runner/work/_actions/PeterJCLaw/srcomp-validate-action/bd809ff12b77607cc2f0ebbd035d6f0a5c8d32fc/requirements.txt], make sure you have checked out the target repository

sr2022-comp is the repo I'm using to test the action, srcomp-validate-action is the action.

My specific use-case only has a couple of dependencies so #351 would likely work as a fix, though I can imagine that a more complex scenario would want this to work.

Platform: Ubuntu

[PeterJCLaw]

I'm currently working around this by coping the requirements file into a temporary directory within the working directory and then referencing that, instead of the original. This doesn't feel like a great solution though as it ends up polluting the target repo's working copy.

[dmitry-shibanov]

Hello @PeterJCLaw. Thank you for your report. Could you please provide a public repository to reproduce the issue ?

[dmitry-shibanov]

Hello @PeterJCLaw. Actually, I think the root cause of the issue in the toolkit/glob package. The hashFiles function tries to compare if the passed directory matches with GITHUB_WORKSPACE. The composite action's directory and checkout project's directory don't match, that is why if does hash the file and the actions setup-python throws an error.

[PeterJCLaw]

Thanks for your replies.
For completeness the repos in question are:

• https://github.com/PeterJCLaw/srcomp-validate-action/
• https://github.com/srobo/sr2022-comp/ (specifically Make use of compstate validation action srobo/sr2022-comp#5)

I've raised actions/toolkit#1035 for the underlying issue.

[dmitry-shibanov]

Hello @PeterJCLaw. For now I'm going to close the pull request because the root cause of the issue comes from the toolkit repository. If you have any concerns feel free to ping us.

[PeterJCLaw]

@dmitry-shibanov would you be open to reopening this issue? It looks like hashFiles has a new parameter now which allows callers to specify the workspace directory (actions/toolkit#1318), which I think would help here?

[dmitry-shibanov]

Hello @PeterJCLaw. In this case I'm coming to reopen the issue to investigate it one more time.

edit: Sorry for edit in the first glance I thought it was a pull request.

[zyv]

@dmitry-shibanov we also got hit by this one, any news whether this can be addressed now, that there is a new parameter in toolkit available?

[jjhidalgar]

I'm also hit by this issue, I guess this line is quite common:

${{ github.action_path }}

[zyv]

@dmitry-shibanov any progress on that?

[aparnajyothi-y]

Hello Everyone, Thank you for reporting this issue. The changes related to the new hashFiles parameter, which allows callers to specify the workspace directory, are part of PR #1318 in the Toolkit and have been incorporated into setup-python as part of PR #772. These changes are included in setup-python v5.

The current limitation when using the setup-python action with composite actions arises from the fact that it supports relative paths, while absolute paths are not yet allowed. This could be considered a feature request rather than a bug.

To work around this limitation when using absolute paths, we create a symbolic link to requirements.txt from the composite action's directory. This allows the setup-python action to access it, even though the path would otherwise be relative to the repository's root.

# Step 2: Create symbolic link for requirements.txt
- name: Create symbolic link for requirements.txt
  run: ln -s ${{ github.action_path }}/requirements.txt
  shell: bash

Please feel free to reach out if you need any further clarifications or have additional concerns.

[dekimsey]

Hi @aparnajyothi-y, I'd like to ask for clarification in your example:

To work around this limitation when using absolute paths, we create a symbolic link to requirements.txt from the composite action's directory.

Would this not overwrite or otherwise modify the workspace just to execute the setup-python action?

It brings to mind all sorts of edge cases now about testing for existing requirements.txt, having a third step to clean it up, etc.
When I author actions (including composite) I tend to try to keep side-effect changes on disk to a temp directory or in my own scratch space (in the case of composites). I cannot guarantee what state the workspace is in before or after my action executes.

[aparnajyothi-y]

Hello @dekimsey, Thank you for your feedback and for providing additional context regarding the new changes in setup-python v5.

We understand the concern around the inability to use absolute paths with composite actions. To clarify, the symbolic link approach was suggested as a temporary solution to allow the setup-python action to reference files (like requirements.txt) located outside the default path scope.

We completely agree with your point about the potential side effects of modifying the workspace, particularly with shared or pre-existing directories. We’ll focus on more robust approaches, such as using a temporary directory or scratch space, when implementing this feature.

Thanks again for your valuable input! Please let us know if you have any further suggestions.